Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.carifred.com | unknown | 2009-12-04 | 2012-05-21 | 2024-03-28 | 482 B | 10 MB | 74.208.128.80 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.carifred.com/uvk/UVK.zip
IP
74.208.128.80
ASN
#8560 IONOS SE
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
10 MB (10022746 bytes)
Hash
8964130588f570ca07aef339d94d2c71
e86702816b60f4523ba2726a32ef90f1bf27a80a
Archive (28)
Filename | MD5 | File type |
---|---|---|
BlueScreenView.chm | d130e5001531448871bb8ef10c106b25 | MS Windows HtmlHelp Data |
BlueScreenView.exe | 6126f1221d29712c069ee28ef4186e24 | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections |
readme.txt | acecb7d7af592da7a843ef44b4500818 | ASCII text, with CRLF line terminators |
cleanup.exe | 43bee82c5be9ff1f315f7e04e0c2913a | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
cleanup.ini | 1d1e8db5611cb01984b24381978371c1 | ASCII text, with CRLF line terminators |
msicuu.exe | 06109701320fb25f00e004110676a6f2 | PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections |
msicuu_readme.txt | 31f061b4053a587c987096ed824eff76 | ASCII text, with very long lines (542), with CRLF line terminators |
MsiZap.exe | 27d4bcc325306b1415a89de550528e04 | PE32 executable (console) Intel 80386, for MS Windows, 3 sections |
msizapw.exe | 27d4bcc325306b1415a89de550528e04 | PE32 executable (console) Intel 80386, for MS Windows, 3 sections |
readme.txt | cf28fd8623c794542149d7e730e34106 | Non-ISO extended-ASCII text, with CRLF line terminators |
sigcheck.exe | d49706ab3d9e1a1fe1e0b72d7d0e8559 | PE32 executable (console) Intel 80386, for MS Windows, 4 sections |
unicows.dll | e1102cedf0c818984c2aca2a666d4c5f | PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections |
7za.exe | 42badc1d2f03a8b1e4875740d3d49336 | PE32 executable (console) Intel 80386, for MS Windows, 5 sections |
AutoItRun.exe | 0f0a43c382616c17b659044ea13455dd | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
AutoItRun64.exe | 4cc9033d969fef277c6f2a736a90f804 | PE32+ executable (GUI) x86-64, for MS Windows, 6 sections |
Log analyzer.exe | 7c772b8fec193cf85bf0f697b41a22df | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
2Browse.exe | 50fdc6d331e1b54d1adfab165aa1dde6 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
RebootExec.exe | a723a716dd25cf4fded4f5c5f60f3eef | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
RebootExecx64.exe | ebca7756c615cfbdddb41234f3521245 | PE32+ executable (GUI) x86-64, for MS Windows, 6 sections |
WAU Manager.exe | 452468d677721a6b3f3a61c7e6f25532 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
ClearDiskInfo.exe | d408090bf1b1ce3977d3b674451a5b37 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
DiskCopy.bat | 6ed823b277da7b047f6beda22aa0616b | DOS batch file, ASCII text, with CRLF line terminators |
DiskCopy.exe | 07fc499d32e623dfa38a0049b821653e | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
uvkres.dll | c1e51820b6059ac7b46326152b2c1717 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections |
UVK_en.exe | 8789d739757837996cd03dc6fec1e32f | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
UVK_en64.exe | 2164fd7289c4b4e43b73433272157f09 | PE32+ executable (GUI) x86-64, for MS Windows, 7 sections |
PortableZip.ini | d41d8cd98f00b204e9800998ecf8427e | |
License.htm | 94c8cd4e199f72946aef86fca55a06a6 | HTML document, ASCII text, with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
YARAhub by abuse.ch | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
YARAhub by abuse.ch | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
www.carifred.com/uvk/UVK.zip | 74.208.128.80 | 200 OK | 10 MB |